Test ID:	1.3.6.1.4.1.25623.1.0.882780
Category:	CentOS Local Security Checks
Title:	CentOS Update for dnsmasq CESA-2017:2836 centos7
Summary:	Check the version of dnsmasq
Description:	Summary: Check the version of dnsmasq Vulnerability Insight: The dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name Server) forwarder and DHCP (Dynamic Host Configuration Protocol) server. Security Fix(es): * A heap buffer overflow was found in dnsmasq in the code responsible for building DNS replies. An attacker could send crafted DNS packets to dnsmasq which would cause it to crash or, potentially, execute arbitrary code. (CVE-2017-14491) * A heap buffer overflow was discovered in dnsmasq in the IPv6 router advertisement (RA) handling code. An attacker on the local network segment could send crafted RAs to dnsmasq which would cause it to crash or, potentially, execute arbitrary code. This issue only affected configurations using one of these options: enable-ra, ra-only, slaac, ra-names, ra-advrouter, or ra-stateless. (CVE-2017-14492) * A stack buffer overflow was found in dnsmasq in the DHCPv6 code. An attacker on the local network could send a crafted DHCPv6 request to dnsmasq which would cause it to a crash or, potentially, execute arbitrary code. (CVE-2017-14493) * An information leak was found in dnsmasq in the DHCPv6 relay code. An attacker on the local network could send crafted DHCPv6 packets to dnsmasq causing it to forward the contents of process memory, potentially leaking sensitive data. (CVE-2017-14494) * A memory exhaustion flaw was found in dnsmasq in the EDNS0 code. An attacker could send crafted DNS packets which would trigger memory allocations which would never be freed, leading to unbounded memory consumption and eventually a crash. This issue only affected configurations using one of the options: add-mac, add-cpe-id, or add-subnet. (CVE-2017-14495) * An integer underflow flaw leading to a buffer over-read was found in dnsmasq in the EDNS0 code. An attacker could send crafted DNS packets to dnsmasq which would cause it to crash. This issue only affected configurations using one of the options: add-mac, add-cpe-id, or add-subnet. (CVE-2017-14496) Red Hat would like to thank Felix Wilhelm (Google Security Team), Fermin J. Serna (Google Security Team), Gabriel Campana (Google Security Team), Kevin Hamacher (Google Security Team), and Ron Bowes (Google Security Team) for reporting these issues. Affected Software/OS: dnsmasq on CentOS 7 Solution: Please Install the Updated Packages. CVSS Score: 7.8 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2017-14491 BugTraq ID: 101085 http://www.securityfocus.com/bid/101085 BugTraq ID: 101977 http://www.securityfocus.com/bid/101977 CERT/CC vulnerability note: VU#973527 https://www.kb.cert.org/vuls/id/973527 Debian Security Information: DSA-3989 (Google Search) http://www.debian.org/security/2017/dsa-3989 https://www.debian.org/security/2017/dsa-3989 https://www.exploit-db.com/exploits/42941/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YXRZ2W6TV6NLUJC5NOFBSG6PZSMDTYPV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5MMPCJOYPPL4B5RBY4U425PWG7EETDTD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/527KNN34RN2SB6MBJG7CKSEBWYE3TJEB/ https://security.gentoo.org/glsa/201710-27 http://packetstormsecurity.com/files/144480/Dnsmasq-2-Byte-Heap-Based-Overflow.html https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html https://www.arista.com/en/support/advisories-notices/security-advisories/3577-security-advisory-30 https://www.mail-archive.com/dnsmasq-discuss@lists.thekelleys.org.uk/msg11665.html https://www.mail-archive.com/dnsmasq-discuss@lists.thekelleys.org.uk/msg11664.html RedHat Security Advisories: RHSA-2017:2836 https://access.redhat.com/errata/RHSA-2017:2836 RedHat Security Advisories: RHSA-2017:2837 https://access.redhat.com/errata/RHSA-2017:2837 RedHat Security Advisories: RHSA-2017:2838 https://access.redhat.com/errata/RHSA-2017:2838 RedHat Security Advisories: RHSA-2017:2839 https://access.redhat.com/errata/RHSA-2017:2839 RedHat Security Advisories: RHSA-2017:2840 https://access.redhat.com/errata/RHSA-2017:2840 RedHat Security Advisories: RHSA-2017:2841 https://access.redhat.com/errata/RHSA-2017:2841 http://www.securitytracker.com/id/1039474 SuSE Security Announcement: SUSE-SU-2017:2616 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00003.html SuSE Security Announcement: SUSE-SU-2017:2617 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00004.html SuSE Security Announcement: SUSE-SU-2017:2619 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00005.html SuSE Security Announcement: openSUSE-SU-2017:2633 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html http://www.ubuntu.com/usn/USN-3430-1 http://www.ubuntu.com/usn/USN-3430-2 http://www.ubuntu.com/usn/USN-3430-3 Common Vulnerability Exposure (CVE) ID: CVE-2017-14492 https://www.exploit-db.com/exploits/42942/ Common Vulnerability Exposure (CVE) ID: CVE-2017-14493 https://www.exploit-db.com/exploits/42943/ Common Vulnerability Exposure (CVE) ID: CVE-2017-14494 https://www.exploit-db.com/exploits/42944/ Common Vulnerability Exposure (CVE) ID: CVE-2017-14495 https://www.exploit-db.com/exploits/42945/ Common Vulnerability Exposure (CVE) ID: CVE-2017-14496 https://www.exploit-db.com/exploits/42946/
Copyright	Copyright (C) 2017 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.